XEP-0012: Last Activity

Abstract:

This specification defines an XMPP protocol extension for communicating information about the last activity associated with an XMPP entity. It is typically used by an IM client to retrieve the most recent presence information from an offline contact by sending a last activity request to the server that hosts the account controlled by the contact.

It is often helpful to know the time of the last activity associated with a entity. The canonical usage is to discover when a disconnected user last accessed its server. The 'jabber:iq:last' namespace provides a method for retrieving that information. The 'jabber:iq:last' namespace can also be used to discover or publicize when a connected user was last active on the server (i.e., the user's idle time) or to query servers and components about their current uptime.

In order to request last activity information regarding another entity, the requesting entity sends an <iq/> stanza of type "get" to the target entity, containing a <query/> element qualified by the 'jabber:iq:last' namespace:

The target entity MUST return either an IQ-result or an IQ-error. When returning an IQ-result, the target entity sends an <iq/> stanza of type='result' containing a <query/> element with a REQUIRED 'seconds' attribute and OPTIONAL XML character data.

The requesting entity interprets the IQ-result based on the responding entity's JID type in order to determine the meaning of the information. Specifically, the information means something different depending on the identity of the responding entity:

An account registered on an XMPP server, with a JID of the form <localpart@domain.tld>.

A connected or available resource associated with such an account, with a JID of the form <localpart@domain.tld/resource>.

An "always-on" XMPP server or service, with a JID of the form <domain.tld>.

The primary usage of the 'jabber:iq:last' namespace is to find out how long ago a user logged out (and, additionally, what their status message was at that time). This primary usage assumes that the IQ-get is sent to a bare JID <localpart@domain.tld>. When used in this way, the <query/> element contained in the IQ-result has a 'seconds' attribute, which is the number of seconds that have passed since the user last logged out. In addition, the element MAY contain XML character data that specifies the status message of the last unavailable presence received from the user. An example is shown below:

As specified in XMPP Core [1] and XMPP IM [2], an IQ stanza of type "get" sent to a bare JID <localpart@domain.tld> is handled by the user's server on the user's behalf, not delivered to one or more connected or available resources.

If the requesting entity is not authorized to view the user's presence information (normally via a presence subscription as defined in XMPP-IM), the user's server MUST NOT return last activity information but instead MUST return a <forbidden/> error in response to the last activity request.

Example 4. Requesting Entity is Not Authorized to Retrieve Last Activity Information

In this example, the user logged out fifteen minutes and three seconds ago, and when they logged out they sent a presence stanza of type='unavailable' whose <status/> element contained the text "Heading Home".

If the user has at least one connected or available resource when the server receives the request, the response MUST (subject to local security policies) contain an empty <query/> element whose 'seconds' attribute is set to a value of '0'.

In this case, the user's server shall either deliver the IQ to an available resource or respond on behalf of the user.

In particular, as with the offline query use case above, if the requesting entity is not authorized to view the user's presence information (normally via a presence subscription as defined in XMPP IM), the user's server MUST NOT deliver the IQ-get to an available resource but instead MUST return a <forbidden/> error in response to the last activity request.

Example 7. Requesting Entity is Not Authorized to Retrieve Last Activity Information

If the user's server delivers the IQ-get to one of the user's available resources, the user's client MAY respond with the idle time of the user (i.e., the last time that a human user interacted with the client application).

If there is no available resource matching the <localpart@domain.tld> in the 'to' attribute of the request, the server MUST follow the rules in XMPP IM in order to determine what error stanza to return.

When the last activity query is sent to a server or component (i.e., to a JID of the form <domain.tld>), the information contained in the IQ reply reflects the uptime of the JID sending the reply. The seconds attribute specifies how long the host has been running since it was last (re-)started. The <query/> element SHOULD NOT contain XML character data.

If an entity supports the Last Activity protocol, it MUST advertise that fact in its responses to Service Discovery (XEP-0030) [3] information ("disco#info") requests by returning a feature of "jabber:iq:last".

In order for an application to determine whether an entity supports this protocol, where possible it SHOULD use the dynamic, presence-based profile of service discovery defined in Entity Capabilities (XEP-0115) [4]. However, if an application has not received entity capabilities information from an entity, it SHOULD use explicit service discovery instead.

The information contained in an IQ reply for this namespace is inherently ambiguous. Specifically, for a bare JID <localpart@domain.tld> the information is the time since the JID was last connected to its server; for a full JID <localpart@domain.tld/resource> the information is the time since the resource was last active in the context of an existing session; and for a bare domain the information is the uptime for the server or component. An application MUST take these differences into account when presenting the information to a human user (if any).

A server MUST NOT allow an unauthorized entity to learn a user's network availability by sending a Last Activity request to a JID of the form <localpart@domain.tld> or <localpart@domain.tld/resource>, since doing so would constitute a "presence leak" as described in RFC 6120. That is, Last Activity information MAY be divulged only to those entities that have permission to view the user's presence via a presence subscription (potentially as restricted by Privacy Lists (XEP-0016) [5] or Blocking Command (XEP-0191) [6]).

A client MUST provide a way for a human user to disable sending of Last Activity responses from the client's full JID <localpart@domain.tld/resource>.

Appendix C: Legal Notices

Copyright

Permissions

Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.

Disclaimer of Warranty

## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. ##

Limitation of Liability

In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.

IPR Conformance

This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which can be found at <https://xmpp.org/about/xsf/ipr-policy> or obtained by writing to XMPP Standards Foundation, P.O. Box 787, Parker, CO 80134 USA).

Appendix D: Relation to XMPP

The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 6120) and XMPP IM (RFC 6121) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.

Appendix E: Discussion Venue

The primary venue for discussion of XMPP Extension Protocols is the <standards@xmpp.org> discussion list.

Appendix F: Requirements Conformance

The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".

7. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols, such as port numbers and URI schemes. For further information, see <http://www.iana.org/>.

8. The XMPP Registrar maintains a list of reserved protocol namespaces as well as registries of parameters used in the context of XMPP extension protocols approved by the XMPP Standards Foundation. For further information, see <https://xmpp.org/registrar/>.

Appendix H: Revision History

Version 2.0 (2008-11-26)

Per a vote of the XMPP Council, advanced specification to Final; clarified a few small points in the text; added a reference to XEP-0115.

(psa)

Version 1.3 (2008-07-16)

Corrected server processing rules to block queries to a full JID when the requesting entity is not authorized to view the presence of the user.

(psa)

Version 1.2 (2007-02-15)

Per a vote of the XMPP Council, changed from Historical and Active to Standards Track and Draft; added Implementation Notes and clarified text throughout; added proviso to security considerations regarding client support; added section on Service Discovery.